How to have spa + JWT auth api?


I am feeling very stupid but I don’t understand the doc and the tutorial.

I am making a SPA (angular). I have installed the angular auth0 sdk. I use the universal login. Then I need to call my backend api with a JWT (not an access token).

1/ Do I need 1 or 2 applications?
2/ Do I need to pass audience in loginWithRedirect? Do I need to pass audience getAccessTokenSilently? Because by default loginWithRedirect has an audience of ‘’ and it cannot be used for 2 app…

I got the error “consent is required” as my user auth and consent to “” and I will not ask my user to login antoher time for api.

I am very confused as I don’t understand how it works and I am building a fairly simple architecture app.

Any helps?



Hi @stefdelec,

Welcome to the Auth0 Community!

You need one registered application for your SPA, and one registered API for your API.

You can pass the audience when you initialize the auth module and it will be passed with requests for tokens.

The audience you are using ( is for the management API for your tenant. It is an example used in the angular doc, but you shouldn’t use it when you are looking for tokens for your custom API. You need to create an API in the dashboard and use the API Identifier as your audience.

thanks a lot.

I have one what you said, but know my backend is unable to create a user or even get user by email.
I think I added permissions to the api:

Then in api > ‘machine to machine applications’ I granted my app with these permissions.

Then in my app:

Is there anything wrong in my setting?



If you want to make management API operations from your backend you will need to create a M2M application for your backend and assign it the correct permissions in the Management API settings.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.